This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Forced TLS on all incoming mail

 Hi,

 

Running UTM 9.6 for starters...

What I need is to explicit define the UTM, to require TLS 1.2 on all incoming mail, and deny anything else.

I have tried with "*" "*@*.*" but i cannot positively confirm, that it's not falling back to opportunistic TLS :-/

Anyone have setup so all outgoind is TLS required, and so all incoming is TLS requoired too, on the UTM?

happy holidays!



This thread was automatically locked due to age.
Parents
  • Hi Martin,

    Use the "Any" network object instead of trying to use email addresses.

    To check to see which of your correspondents used TLSv1.1 this year:

     zgrep 'TLSv1.1' /var/log/smtp/2018/*/* |grep -oP '<= .*? H=' |sort -n|uniq -c|sort -n

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi Bob,

    Thanks for this ;)

    Will this be in both directions? - So mail coming from inside, will be forced to be send with TLS and all received mails will be forced TLS?

    -----

    Best regards
    Martin

    Sophos XGS 2100 @ Home | Sophos v20 Technician

Reply Children